Menu

Lumen help

Token definition

The following services allow managing token-authentication definitions at both the service component and property level (service component if no alias is provided, or a property when an alias has been specified).

Token authentication allows you to protect content from URL tampering or unauthorized re-use or re-publication via email forwarding or deep linking to content. Using shared secrets defined in the tokens, a URL signature appended to the query string of the resource URL can be validated by the CDN before serving content without contacting your environment for authentication.

Up to 10 token definitions can be defined at the service component and each property level. A token definition is defined by a unique ID, represented by an integer between 0 and 9, a string representing the secret, and an optional start and end time stamp. Time stamps are given in UNIX epoch format, for example 145251839. The time stamps define a period for which the token will be in effect.

Because resources are cached by URL and the use of token authentication requires insertion of query string parameters into the request URL, Query String Handling Mode should also be implemented as appropriate. Typically, the token parameters (stime, etime, encoded) should be excluded from the cached resource URL.

Description

Creates a new token definition. Requires a token ID and a secret. A start and end time stamp in UNIX epoch are optional parameters that can be included. The response echoes the supplied token definition on success.

Method

POST

Base URI

https://ws.level3.com

Body syntax

{

"tokenid": "<token id, and integer between 0 and 9>", # required
"secret": "<shared secret string>", # required
"start": "<the secret start time in UNIX epoch>", # optional
"end": "<the secret end time in UNIX epoch>", # optional
}

URI syntax

/serviceConfiguration/(version)/(scope)/Tokens

version [CDATA[ ]]
Values: "v1.0" (required)
scope [CDATA[ ]] (AG)/(SCID)[/(ALIAS)]

AG = Access Group

SCID = Service Component Identifier

ALIAS = Optional Alias identifies Property

Example

https://ws.level3.com/serviceConfiguration/v1.0/1234/BBBN5678/test1.caching.cdn.level3.net/Tokens

https://ws.level3.com/serviceConfiguration/v1.0/1234/BBBN5678/

{
"tokenid": "1",
"secret": "secret1",
"start": "1415252687",
"end": "1415339087"
}

{
"tokenid": "1",
"secret": "secret1",
"start": "1415252687",
"end": "1415339087"
}

Possible status and error messages returned to client

201: Created.

Description

Retrieves a single token definition for a service component or property.

Method

GET

Base URI

https://ws.level3.com

URI syntax

/serviceConfiguration/(version)/(scope)/Tokens/(tokenid)

version [CDATA[ ]] Values: "v1.0" (required)
scope [CDATA[ ]] (AG)/(SCID)[/(ALIAS)]

AG = Access Group

SCID = Service Component Identifier

ALIAS = Optional Alias identifies Property

Example

https://ws.level3.com/serviceConfiguration/v1.0/1234/BBBN5678/test1.caching.cdn.level3.net/Tokens/1

https://ws.level3.com/serviceConfiguration/v1.0/1234/BBBN5678/Tokens/1

{
"tokenid": "1",
"secret": "secret1",
"start": "1415252687",
"end": "1415339087"
}

Possible status and error messages returned to client

200: Request Successful.

Description

Retrieves the array of token definitions for service component or property.

Method

GET

Base URI

https://ws.level3.com

URI syntax

/serviceConfiguration/(version)/(scope)/Tokens

version [CDATA[ ]] Values: "v1.0" (required)
scope [CDATA[ ]] (AG)/(SCID)[/(ALIAS)]

AG = Access Group

SCID = Service Component Identifier

ALIAS = Optional Alias identifies Property

Example

https://ws.level3.com/serviceConfiguration/v1.0/1234/BBBN5678/test1.caching.cdn.level3.net/Tokens

https://ws.level3.com/serviceConfiguration/v1.0/1234/BBBN5678/Tokens

{
"tokenid": "0",
"secret": "secret0",
"start": "1415251839",
"end": "1415338239"
},
{
"tokenid": "1",
"secret": "secret1",
"start": "1415252687",
"end": "1415339087"
}
]

Possible status and error messages returned to client

200: Request Successful.

Description

Removes a token definition for a service component or property.

Method

DELETE

Base URI

https://ws.level3.com

URI syntax

/serviceConfiguration/(version)/(scope)/Tokens/(tokenid)

version [CDATA[ ]] Values: "v1.0" (required)
scope [CDATA[ ]] (AG)/(SCID)[/(ALIAS)]

AG = Access Group

SCID = Service Component Identifier

ALIAS = Optional Alias identifies Property

Example

https://ws.level3.com/serviceConfiguration/v1.0/1234/BBBN5678/test1.caching.cdn.level3.net/Tokens/1

https://ws.level3.com/serviceConfiguration/v1.0/1234/BBBN5678/Tokens/1

[Empty]

Possible status and error messages returned to client

200: Request Successful.